Prelude: Ensuring Inter-Domain Loop-Freedom in~SDN-Enabled Networks
Arnaud Dethise, Marco Chiesa, Marco Canini
TL;DR
Prelude introduces a privacy-preserving system using Secure Multi-Party Computation to accurately detect inter-domain forwarding loops caused by SDN policies in SDXes, enhancing correctness and privacy in inter-domain routing.
Contribution
The paper presents a novel SMPC-based primitive and a distributed system for detecting SDN-induced forwarding loops without revealing private routing information.
Findings
100x fewer false positives compared to previous solutions
Improved privacy guarantees in loop detection
Enhanced efficiency leveraging SDX-specific properties
Abstract
Software-Defined-eXchanges (SDXes) promise to tackle the timely quest of bringing improving the inter-domain routing ecosystem through SDN deployment. Yet, the naive deployment of SDN on the Internet raises concerns about the correctness of the inter-domain data-plane. By allowing operators to deflect traffic from the default BGP route, SDN policies are susceptible of creating permanent forwarding loops invisible to the control-plane. In this paper, we propose a system, called Prelude, for detecting SDN-induced forwarding loops between SDXes with high accuracy without leaking the private routing information of network operators. To achieve this, we leverage Secure Multi-Party Computation (SMPC) techniques to build a novel and general privacy-preserving primitive that detects whether any subset of SDN rules might affect the same portion of traffic without learning anything about those…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.